Compare commits
4 Commits
5a801da7b2
...
17d9418708
Author | SHA1 | Date |
---|---|---|
Ricard Illa | 17d9418708 | |
Ricard Illa | c87cae2437 | |
Ricard Illa | 5c35bd5872 | |
Ricard Illa | 0b884b4601 |
|
@ -0,0 +1,34 @@
|
|||
transaction_log /var/log/btrbk.log
|
||||
lockfile /run/lock/btrbk.lock
|
||||
timestamp_format long
|
||||
snapshot_create onchange
|
||||
|
||||
snapshot_preserve 24h 7d 0w 0m 0y
|
||||
snapshot_preserve_min latest
|
||||
target_preserve 0h 14d 6w 4m 1y
|
||||
target_preserve_min latest
|
||||
archive_preserve 0h 1d 1w 1m 1y
|
||||
archive_preserve_min latest
|
||||
|
||||
incremental yes
|
||||
ssh_identity /etc/btrbk/id_ed25519
|
||||
ssh_user btrbk
|
||||
backend btrfs-progs-doas
|
||||
|
||||
compat_remote busybox
|
||||
|
||||
volume /mnt/btr_pool
|
||||
snapshot_dir btrbk_snapshots
|
||||
target ssh://suricata/mnt/btr_backup/narwhal
|
||||
subvolume backups
|
||||
subvolume books
|
||||
subvolume certs
|
||||
subvolume data
|
||||
subvolume docker_volumes
|
||||
subvolume home
|
||||
subvolume home-data
|
||||
subvolume http
|
||||
subvolume music
|
||||
subvolume secrets
|
||||
subvolume transmission
|
||||
subvolume videos
|
|
@ -1,9 +1,23 @@
|
|||
timestamp_format long
|
||||
snapshot_preserve_min 18h
|
||||
snapshot_preserve 48h
|
||||
transaction_log /var/log/btrbk.log
|
||||
lockfile /run/lock/btrbk.lock
|
||||
timestamp_format long
|
||||
snapshot_create onchange
|
||||
|
||||
transaction_log /var/log/btrbk.log
|
||||
snapshot_preserve 24h 7d 0w 0m 0y
|
||||
snapshot_preserve_min latest
|
||||
target_preserve 0h 14d 6w 4m 1y
|
||||
target_preserve_min latest
|
||||
archive_preserve 0h 1d 1w 1m 1y
|
||||
archive_preserve_min latest
|
||||
|
||||
incremental yes
|
||||
ssh_identity /etc/btrbk/id_ed25519
|
||||
ssh_user btrbk
|
||||
backend btrfs-progs-doas
|
||||
|
||||
compat_local busybox
|
||||
|
||||
volume /mnt/btr_pool
|
||||
snapshot_dir btrbk_snapshots
|
||||
snapshot_dir btrbk_snapshots
|
||||
subvolume home
|
||||
subvolume rancher_config
|
||||
|
|
|
@ -23,30 +23,17 @@
|
|||
src: "host_files/btrbk/{{ ansible_hostname }}/btrbk.conf"
|
||||
dest: /etc/btrbk/btrbk.conf
|
||||
|
||||
- name: make btrbk user ssh directory
|
||||
file:
|
||||
state: directory
|
||||
path: /var/lib/btrbk/.ssh
|
||||
owner: btrbk
|
||||
|
||||
- name: copy btrbk user ssh key
|
||||
- name: copy btrbk ssh key
|
||||
copy:
|
||||
src: id_ed25519
|
||||
dest: /var/lib/btrbk/.ssh/id_ed25519
|
||||
dest: /etc/btrbk/id_ed25519
|
||||
owner: btrbk
|
||||
mode: '0400'
|
||||
|
||||
- name: copy btrbk user ssh public key
|
||||
copy:
|
||||
src: id_ed25519.pub
|
||||
dest: /var/lib/btrbk/.ssh/id_ed25519.pub
|
||||
owner: btrbk
|
||||
mode: '0644'
|
||||
|
||||
- name: copy btrbk user ssh public key to authorized_keys
|
||||
copy:
|
||||
src: id_ed25519.pub
|
||||
dest: /var/lib/btrbk/.ssh/authorized_keys
|
||||
dest: /etc/ssh/authorized_keys/btrbk
|
||||
owner: btrbk
|
||||
mode: '0644'
|
||||
|
||||
|
@ -54,7 +41,4 @@
|
|||
lbu:
|
||||
include:
|
||||
- /usr/local/bin/btrbk
|
||||
- /var/lib/btrbk/.ssh/id_ed25519
|
||||
- /var/lib/btrbk/.ssh/id_ed25519.pub
|
||||
- /var/lib/btrbk/.ssh/authorized_keys
|
||||
when: ansible_distribution == "Alpine" and alpine_mode in ["diskless", "data"]
|
||||
|
|
|
@ -6,6 +6,11 @@
|
|||
mode: '0644'
|
||||
owner: root
|
||||
|
||||
- name: create authorized_keys directory
|
||||
file:
|
||||
state: directory
|
||||
path: /etc/ssh/authorized_keys
|
||||
|
||||
- name: setup host ssh certificates
|
||||
include_tasks: certs.yml
|
||||
|
||||
|
|
|
@ -38,7 +38,7 @@ PubkeyAuthentication yes
|
|||
|
||||
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
AuthorizedKeysFile /etc/ssh/authorized_keys/%u
|
||||
|
||||
#AuthorizedPrincipalsFile none
|
||||
|
||||
|
|
Loading…
Reference in New Issue